[spec] The updated speculative specification is now up

nervuri nervuri at disroot.org
Thu Apr 8 17:59:31 BST 2021


On Wed, 2021-04-07, Sean Conner wrote:
>Also, stats [1] show that some 21% of Gemini sites still use TLS 1.2.
>Personally, I think that once this falls below 5% (or greater than 95%
>of all sites support TLS 1.3) we can revisit this decision.

Ok.  We should also test clients.  I was working on that, but other
things took priority.

Also, if the actual blocker is the percentage of servers and clients
supporting TLS 1.3, then that's what the specification should say,
rather than referring to libraries.  It can be vague, like:

>	TLS 1.2 is reluctantly permitted until TLS 1.3 support is more
>	widespread among Gemini servers and clients.  The minimum required TLS
>	version is 1.2, but clients who wish to be "ahead of the curve" MAY
>	refuse to connect to servers using TLS version 1.2.
>
>	Implementations MUST support TLS SNI...

This would be closer to Solderpunk's original text.


More information about the Gemini mailing list